Critical 9.6 Unfixed
2026-04-08≤ 3.2
CVE-2026-39640
Theme Editor
Minimum safe version
3.1
Update to 3.1 or later to address 8 fixable vulnerabilities
Latest available3.2 ✓⚠ 1 vulnerability has no fix
High 8.8
2025-10-18< 3.1
WordPress Theme Editor Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF)
High 7.2
2024-08-29< 2.9
CVE-2022-2440
High 7.2
2024-03-26< 2.8
CVE-2023-6091
N/A
< 2.2
Theme Editor < 2.2 - Multiple Vulnerabilities
N/A
2019-09-30< 2.2
Theme Editor <= 2.1 - Cross-Site Request Forgery
N/A
2019-09-30< 2.2
WordPress Theme Editor plugin <= 2.1 - Multiple vulnerabilities
N/A
2021-02-13< 2.6
WordPress Theme Editor plugin <= 2.5 - Multiple Authenticated Arbitrary File Download vulnerabilities
Medium 4.9
2021-04-05< 2.6
CVE-2021-24154